Cloud providers say they can improve federal IT

Like the move to electric grids in the late 19th century and the 1980s replacement of hulking main frames with PCs, the cloud computing utility model is set to change the way federal agencies store data, a University of Texas at San Antonio engineering professor said at a congressional field hearing Tuesday.

“Cloud technology is truly a productivity enabler and a market disruptor,” said Mauli Agrawal, UTSA’s vice president of research. “This will be an enormous advantage to countries at the forefront of this technological change.”

He and Rep. Robin Kelly, D-Illinois, the ranking Democrat on the subcommittee, took testimony on the matter from Agrawal, cloud computing industry leaders and government witness Mark Kneidinger, who is director of the Federal Network Resilience Division for the Homeland Security Department’s Office of Cybersecurity and Communications.

Cloud providers say they can improve federal IT

1of 11U.S. Reps. Will Hurd (center right) and Robin Kelly (center left), members of the U.S. House Committee on Oversight and Government Reform Information Technology Subcommittee, hold a field hearing on cloud computing and cybersecurity Tuesday at UTSA.Photo: Bob Owen /San Antonio Express-News

2of 11John Engates, chief technology officer at Rackspace, speaks on a panel at a field hearing on cloud computing and cybersecurity held by U.S. Reps. Will Hurd and Robin Kelly.Photo: Bob Owen /San Antonio Express-News

5of 11U.S. Representative Will Hurd, right, a member of the U.S. house Committee on Oversight and Government Reform Information Technology Subcommittee, tours Rackspace on Tuesday, Sept. 22, 2015, with Rackspace CTO John Engates, center, and Daniel Sherrill, left, Rackspace Briefing Program Manager, before a field hearing on cloud computing and cybersecurity at UTSA.Photo: BOB OWEN, Staff / San Antonio Express-News

9of 11Panelists at a congressional field hearing at UTSA — Dr. Maul Agrawal (from left), vice president of research at UTSA; Mark Kneidinger, director of the Federal Network Resilience Division of the Department of Homeland Security; John Engates, chief technology officer at Rackspace; Mark Ryland, director of solutions architecture and chief architect at Amazon Web Services; and Alan Boissy, product line manager for Vmware vCloud Government Service — answer questions from members of the U.S. House Committee on Oversight and Government Reform Information Technology Subcommittee.Photo: Bob Owen /San Antonio Express-News

“Legacy systems are difficult to maintain and often make sensitive information available to cyberattacks,” Hurd said. “The Labor Department has a 30-year-old system developed by people who are now all dead. They had to resort to looking for parts on eBay.”

The failure to migrate to the cloud was documented in a 2014 Government Accountability Report looking at seven major federal agencies, including the Department of Homeland Security.

“Challenges remain to the adoption and use of cloud computing solutions in the federal government,” Kelly said. “The subcommittee on information technology can provide effective oversight to ensure that agencies are transitioning to the cloud and leveraging information technologies to operate more efficiently and effectively.”

Kneidinger said some federal agencies remained skeptical, especially when it comes to security concerns.

“It’s a perspective of wanting to know where your systems are,” Kneidinger said. “Part of that is also driven by the ability to have an awareness as to the level of security that’s provided at the cloud level, and the visibility that the agency would have.”

The providers need to secure the agency’s trust, he said, and establish “clear delineation of roles and responsibilities” as well as “understanding as to how they have access to their assets and have an understanding of security.”

Industry witnesses — including John Engates, chief technology officer for Rackspace; Mark Ryland, director of solutions architecture and chief architect for Amazon Web Services; and Alan Boissy, VMware’s product line manager for VMware vcloud Government Service — said cloud providers have by necessity come a long way in providing secure cloud services.

Amazon Web Services tools already are being used by federal intelligence agencies, which have extremely sensitive data, Ryland said.

“I think the intelligence community recognized the value of this highly automated, highly agile environment,” he said. “Things like advance persistent threats don’t exist in an environment that’s constantly being updated.”

Boissy said agencies should assess cloud services in a methodical way that starts with knowing what can and can’t be migrated.

“It needs to include the privacy elements, contract security,” he said. “Above all, migration to the cloud should be a business decision rather than an IT decision.”

Rackspace servers tend to be in use 25 percent more of the time than old-school data servers because customers can pay to access only the space they need when they need it, Engates said. Enhanced security has become part of the formula because of shared security services and because security devices are typically unaffordable for individual users.

“The U.S. government is still figuratively running its own power plants instead of buying capacity from the cloud, and as a result it’s falling behind,” Engates said.